Overview
Microsoft has identified a severe compatibility issue with a small number of anti-virus software products.
We highly suggest all customers review these issues here: https://support.microsoft.com/en-us/help/4072699
Due to to possible BSOD issues that may occur when installing this update on system with out of date AV software, we will be adding a detection prerequisite:
Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"
Value="cadca5fe-87d3-4b96-b7fb-a231484277cc"
Type="REG_DWORD”
- The patches will be offered for deployment if the key exists.
- If key does not exist you will be offered the detection only version of this patch.
Affected patches:
- MS18-01-IE Q4056568 - Cumulative Updates for Internet Explorer
- MS18-01-SO7 Q4056897 - Security Only Update for Windows 7 and Server 2008 R2
- MS18-01-SO81 Q4056898 - Security Only Update for Windows 8.1 and 2012 R2
- MS18-01-MR7 Q4056894 - Monthly Rollup for Windows 7: January 4, 2018
- MS18-01-MR81 Q4056895 - Monthly Rollup for Windows 8.1 and 2012 R2: January 8, 2018
- MS18-01-W10 Q4056888, Q4056890, Q4056891, Q4056892, Q4056893 - Cumulative Update for Windows 10 and Server 2016
- MS18-02-IE Q4074736 - Cumulative security update for Internet Explorer: February 13, 2018
- MS18-02-SO7 Q4074587 - Security Only Update for Windows 7 and 2008 R2: February 13, 2018
- MS18-02-SO81 Q4074597 - Security Only Update for Windows 8.1 and 2012 R2: February 13, 2018
- MS18-02-MR7 Q4074598 - Monthly Rollup for Windows 7: February 13, 2018
- MS18-02-MR81 Q4074594 - Monthly Rollup for Windows 8.1 and 2012 R2: February 13, 2018
- MS18-02-W10 Q4074588, Q4074592, Q4074596, Q4074590, Q4074591 - Cumulative Update for Windows 10 and Windows Server 2016
Affected CVEs:
- CVE-2017-5753
- CVE-2017-5715
- CVE-2017-5754
Link to Security bulletin advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
Additional Information
How to scan for specific patches: How To: Include or Exclude Specific Patches in Scan Results
How to deploy these patches: How To: Deploy Windows Security OOB updates released January 3, 2018
How to add the registry using Security Tool IVA18-002 Q4072699: Security Tool: Implement the QualityCompat registry key that enables Windows security updates released on January 3, 2018
Affected Products
Ivanti Patch for Windows Servers 9.3.x
Shavlik Protect 9.2.x